Routers traditionally come packed with firmware that is accessible and configured in GUI format. Often, the amount the user can configure is rather limited, and monitoring tools can be few and far between…or even non-existent!
By ‘flashing’ firmware onto your router, you can have more options to play with and make little tweaks that perhaps you couldn’t previously. Basically, you start off with your existing ‘stock’ firmware – stock firmware refers to the firmware shipped with your router.
Features they all have in common
DD-WRT, OpenWRT & Tomato Features basically including:
In general, Tomato and its derivatives are for Broadcom routers. Tomato firmware is probably the easiest to use of the bunch the GUI menu system is relatively intuitive and lets the user get their hands dirty to a certain extent. But perhaps not as much as its counterparts. Yes, there are options to configure QoS and VPN. There’s also advanced firewall features and the ability to tweak access on a user level. A big plus is the monitoring tool. Tomato firmware actually monitors in real-time which could swing it for some. One downside is that Tomato is not compatible with as many routers as either OpenWRT or DDWRT and it’s not anymore under active development, of course there exist some forks but the project itself is dead, the successor seems ‘Shibby’.
OpenWRT is the original of the three and is once based on Linux. It was a command line only deal, but with LuCI or Gargoyle, there is now thankfully a GUI available. However OpenWRT is arguably the trickiest of the 3 to get up and running. Most importantly, you need to make sure you download the correct image file to install. OpenWRT has the same issue like Tomato, it’s about to die – the successor is LEDE.
SabaiOS is a Tomato fork created by Sabai Technology for use in its pre-flashed Routers with third-party VPN support. SabaiOS adds a number of features to Tomato like dual gateways and port forwarding. Their OpenVPN implementation requires only the configuration file from your VPN. If you buy a branded router for your VPN provider set up can be even easier.
After flashing the firmware I not getting a better Wifi signal
That’s normal! There myths telling you that newer hardware magically increase your range or WiFi signal – Wrong – But why? Cause there standards which prevent manufactures to use more energy. That said you signal strength never changes unless you would manipulate the energy, but what it can increase is the amount of data which are sent on the same signal. That means whenever you buy a new router you get more data on the same signal strength. If the signal is too low to reach all your devices you need to use a repeater.
What’s the best? – Which one should you choose?
It’s depending on what you define ‘best’, I define it by:
- Is your router supported? How well is the aftermarket firmware you flash documented?
- Did you checked the reviews/comments BEFORE you flashed the firmware to avoid a big surprise?
- Do you have problems with your stock firmware?
- What features you need?
- How complicated is the install/update process – are you able to understand it?
- Reliability – network stability both on cable and wireless and on the usb drive.
- Performance – network speed, very important also usb drive speed.
- Check your firmware for holes e.g. with a simple Port Scan. never trust something only based on reviews, make the check yourself! Don’t be lazy!
- If you are a buyer and you can choose, don’t buy Netgear, D-Link or LinkSys – ask yourself if you want to support them?
- Encryption is a must, it deters cybercriminals, rogue government, censorship, and protects the rights of free speech and privacy online once again. If your router doesn’t support basic things like allowing to use a VPN service/provider then go back to 9). and ask yourself again why you want to support it? Is it worth to buy hardware and then flash another firmware on it? Does it changes them to re-think about their products and how this helps others?!
My advice is to just avoid DD-WRT. The community is so hostile and unhelpful, the site and wiki full of conflicting information, and almost all builds for anything besides the old Linksys gear is in a real unstable state. It seems almost inevitable that DD-WRT will just result in bricking your router and having some forum asshole mock you for it.
Start with OpenWRT/LEDE if you’re a beginner (if possible). OpenWRT’s community is truly great, and the web interface (LuCI) used in the firmware has come on leaps and bounds in the past couple of years.
- Tomato VPN/Shibby
- My Open Router
- PfSense (Spec. Chart to show supported chips)
- List of router firmware projects (wikipedia.com)
- LEDE and OpenWrt – A reboot of the OpenWrt community
- Router Charts (smallnetbuilder.com)
- Way to Go, FCC. Now Manufacturers Are Locking Down Routers (wired.com)
- No, The FCC Is Not (Intentionally) Trying To Kill Third-Party Wi-Fi Router Firmware (TechDirt)
- Best Wireless Routers for OpenWrt and dd-wrt Chart (rooftopbazaar.com)
- Would You Like a Backdoor With That Linksys Router, Sir? (BleepingComputer.com)
- Netis Routers Leave Wide Open Backdoor (Trendmicro Blog)